Home   /   Our Competencies  /   Public Key Infrastructure

BİLGEM

Public Key Infrastructure

Visit UEKAE Page >>

ESYA SM - Electronic Certificate Asst. Infrastructure Certification Authority

Açık anahtar altyapısı, elektronik sertifikalar üzerine inşa edilmiş bir teknolojidir. Bu altyapı, elektronik sertifikaları üretmek için sertifikasyon makamı ve yardımcı yazılımlara ihtiyaç duyar. Sertifikasyon makamları kendilerine bağlı alt sertifikasyon makamları, kullanıcılar, sunucular ve cihazlar için elektronik sertifikalar üretirler. ESYA Sertifikasyon Makamı, Açık Anahtar Altyapısı (AAA-PKI) teknolojisini tamamen yerli olarak gerçekleyen Millî Açık Anahtar Altyapısı (MA3) Projesi’nin temel ürünüdür. ESYA Sertifikasyon Makamı, endüstriyel elektronik sertifika standartlarını (X.509, Nitelikli Elektronik Sertifika / NES vb.) destekler ve kullanıcı dostu bir arayüzle ihtiyaç sahiplerine tüm elektronik sertifika yaşam döngüsü (üretim, yenileme, askıya alma, iptal vb.) hizmetlerini sunar.
  • 509 v3 certificates, X.509 v2 certificate revocation lists (CRL/CRL)
  • Online Certificate Status Protocol (CISDUP/OCSP)
  • Key recovery and renewal
  • Ability to manage certificate lifecycle processes for User, Device, Institution and Role records (certification, certificate suspension, certificate revocation, password change and information update)
  • Production of Qualified Electronic Certificates (in accordance with Electronic Signature Law No. 5070)
  • SSL generation with Certificate Transparency support
  • SSL (Server and client), VPN certificate generation,
  • Easy integration with external systems with RESTful web service infrastructure,

Windows Smartcard Logon, Windows Domain Controller certificate generation

Crypto Features

  • RSA algorithm (1024, 2048, 4096 bit key length)
  • ECDSA algorithm (163, 192, 256, 368, 431, 512, 521 bit key lengths)
  • SHA-1, SHA-256, SHA-384, SHA-512 message digest algorithms

Crypto Hardware Support

  • Working with PKCS11 compatible smart cards and sticks
  • Using HSM (Hardware Security Module)
ESYA SM - Electronic Certificate Asst. Infrastructure Certification Authority
KERMEN - Public Key Infrastructure Desktop Client

KERMEN - Public Key Infrastructure Desktop Client

As a result of the widespread use of the Internet and computer systems, institutions and organizations have moved most of their work and services to the computer environment and have started to use the Internet as an effective communication channel. In this context, the use of e-mail and the amount and importance of the information it carries are increasing day by day. Leaving valuable information stored in files on work computers or transported on the Internet through channels such as e-mail unprotected against unauthorized access can cause commercial losses and weaken the reliability and brand value of organizations. Because of these, institutions need desktop security solutions for workstations, desktop and portable computers and secure communication ways over the internet.

Key Components

  • Secure email module
  • Desktop security module
  • Kermen

Sur Security Solutions

  • Secure email (SMIME)
  • File signing/encryption
  • Secure directory
  • Certificate validation
  • Secure Erase

Crypto Features

  • Working with X.509 v3 certificates prepared with RSA, DSA and elliptic curve algorithms
  • Use of 3DES, AES algorithms for PKCS7/CMS
  • SHA-1 and SHA-2 family message digest algorithms
  • PKCS12 and PKCS5 password-based encryption algorithms

Crypto Hardware Support

  • Working with PKCS11 compatible smart cards and sticks
  • Retrieve keys with PFX files and securely store/use in local storage when no smart card/stick is used

ESYA API / Electronic Signature Libraries

MA3 API E-Signature Software Libraries have been produced with BİLGEM's e-signature experience of more than 20 years and allow signing transactions to be done quickly and securely with their easy-to-use interfaces whose security and standards have been determined. Software libraries have been developed for Java and .NET platforms in order to easily integrate e-signatures into software.

Supported Standards

  • Electronic signature format (ASN data structure) in ETSI TS 101 733 CADES standard
  • Electronic signature format (XML data structure) in ETSI TS 101 903 XADES standard
  • Electronic signature format in ETSI TS 102 918 ASIC standard
  • Electronic signature format (PDF data structure) in ETSI 102 778 PADES standard

Supported Signature Types

  • Basic signature (ES-BES)
  • Timestamped signature (ES-T)
  • Principled signature (ES-EPES)
  • Signature with references (ES-C)
  • Signature with protected references (ES-X)
  • Long-term signature (ES-XL)
  • Archive signature (ES-A)

Crypto Hardware Support

  • Working with PKCS11 compatible smart cards and sticks
  • Working with hardware security modules (HSM)

Crypto Features

  • Working with X.509 v3 certificates prepared with RSA and elliptic curve algorithms
  • SHA-2 family of message digest algorithms

Offered Advantages

  • E-signature standards: Full compliance with international and national e-signature standards, laws, regulations and regulations
  • Full compliance with PKI standards, effortless access to certificate and key services
  • High-tech: Use of smart cards/sticks and HSM for high-level security
  • National software compatible with international security standards
  • Mobile technology: Interoperability on Android devices, use of Türk Telekom/Turkcell mobile signature
  • Smart card support: Ability to transact with smart cards of different brands. Faster transaction on AKIS smart cards with APDU
  • Ease of use and Turkish support

Timestamp Support

  • Ability to check the correctness of the timestamp signature
  • Access to all relevant information of a timestamped document

Other Public Key Infrastructure Services

  • X.509 certificate validation
  • X.509 certificate-based encryption
  • Mobile signature
ESYA API / Electronic Signature Libraries
ESYA ZD SERVER / ESYA Timestamp Server

ESYA ZD SERVER / ESYA Timestamp Server

Time Stamp is a security data defined by an international standard and legally valid in order to prove the existence of electronic data on a specified date. The Timestamp Server generates timestamps in accordance with these standards for electronic data sent to it. The need to prove the date and time where a contract is signed, money is transferred, an application is made, etc. is vital for today's e-commerce and e-government applications.

Bununla birlikte yeni bir çizim, tasarım, fotoğraf, düşünce, araştırma, formül, algoritma, kitap gibi fikrî ve mülki kullanım hakkı elde edilmek istenen her türlü elektronik veri için zaman damgası alınması gereklidir. 5070 sayılı Elektronik İmza Kanunu’na göre Zaman Damgası, “Bir elektronik verinin üretildiği, değiştirildiği, gönderildiği, alındığı ve/veya kaydedildiği zamanın tespit edilmesi amacıyla, elektronik sertifika hizmet sağlayıcısı tarafından elektronik imzayla doğrulanan kaydı” ifade eder.

ESYA Timestamp Server provides the following services:

  • Timestamp conforming to the RFC 3161 standard
  • Network Time Protocol (NTP) support
  • Ability to work at high performance with the use of HSM and parallel processing of simultaneous requests

OS

  • Windows 2008+
  • Linux

Hardware and Software Requirements

  • Intel/AMD Processor
  • At least 8GB of RAM
  • Oracle 11g or PostgreSQL 9.4 and higher database server
  • Java 1.8+

Supported Standards

  • RFC 3161 (Internet X.509 PKI Timestamp Protocol)
  • ETSI TS 102 023 Timestamp Authority Policy Requirements
  • X.509 v3 Certificates

Basic Security Services

  • Timestamp signing process using X.509 Certificates and public key algorithms
  • Authenticate client using PKCS 5
  • Archiving the timestamp

Certificate and Crypto Features

  • RSA and ECDSA algorithms support for timestamp signature
  • Use of AES encryption algorithm
  • Use of the SHA-1 and SHA-2 family of hash algorithms

Crypto Hardware Support

  • The timestamp server does the signing in the hardware security module (HSM)

Standards Compliance

Timestamp Server PKIX RFC 3161 (Internet X.509 PKI Time Stamp Protocol) security standards compliant with the Electronic Signature Law No. 5070 generates a valid Timestamp.

Advanced Customer Management

With its advanced customer management interface, the Timestamp server can receive customer applications, add credit to defined customers, and respond to timestamp requests according to defined customer information.

Archiving Timestamp Files

The Timestamp Server can archive the timestamps it generates for later verification.

Advanced Cryptographic Algorithm Support

Timestamp Server supports advanced signing algorithms such as RSA and ECDSA, and the SHA-2 family of hash algorithms.

İMZAGER - Desktop Signing Application

İMZAGER application is a helpful application that enables creating electronic signatures, viewing signatures in existing electronically signed documents, adding signatures and managing signatures. İMZAGER has been developed for software developers who develop electronic signature applications rather than corporate use.

 Supported Standards

  • ETSI TS 101 733 CAdES e-signature format
  • ETSI TS 101 903 XAdES e-signature format
  • ETSI TS 102 778 PADES e-signature format
  • E-Correspondence Version 1.0 Support
  • X.509 v3 certificates
  • X.509 v2 certificate revocation lists (CRL/CRL)
  • RFC 5280 certificate validation
  • RFC 2560 online certificate status protocol (CISDUP/OCSP)
  • RFC 3161 timestamp

Crypto Features

  • Working with X.509 v3 certificates prepared with RSA and Elliptic Curve Algorithms
  • SHA-2 family of message digest algorithms

Crypto Hardware Support

  • Working with PKCS11 compatible smart cards and sticks
  • Working with hardware security modules (HSM)
İMZAGER - Desktop Signing Application
Network HSM Network Hardware Security Module

Network HSM Network Hardware Security Module

BILGEM Network HSM is a device developed to perform cryptographic operations such as encryption, signing, signature verification and hashing over a network with high performance and security. The communication between the device and the client is carried out over secure channels established by mutual authentication. High security is provided for these sensitive assets as the keys used in the transactions are stored within the cryptographic boundary with physical attack protection. Critical security operations such as initialization, backup, software update, user authentication are performed after authorization and authentication based on the national Smart Card Operating System AKİS. The device also offers a national solution to key generation with its national random number generator. 

Management

  • Remote device management
  • GUI and command line administration program for remote administration
  • 4.3 inch touchscreen for on-device management
  • M-of-N admin verification on critical transactions
  • Keeping transaction records
  • Up to 256 PKCS#11 slots
  • Up to 32 client connections
  • Backup and restore

Performance

  • RSA 2048-bit signing 520 ops/second
  • RSA 4096-bit signing 110 ops/second
  • ECDSA 256-bit prime signing 1600 ops/second

Physical Interface

  • Gigabit Ethernet

Supported Operating Systems

  • Linux, Windows

Our Projects through the Eyes of Management

  • Remote device management
  • GUI and command line administration program for remote administration
  • 4.3 inch touchscreen for on-device management
  • M-of-N admin verification on critical transactions
  • Keeping transaction records
  • Up to 256 PKCS#11 slots
  • Up to 32 client connections
  • Backup and restore

PERFORMANCE

  • RSA 2048-bit signing 520 ops/second
  • RSA 4096-bit signing 110 ops/second
  • ECDSA 256-bit prime signing 1600 ops/second

PHYSICAL INTERFACE

  • Gigabit Ethernet

SUPPORTED OPERATING SYSTEMS

  • Linux, Windows

Communication and Customer Support
hsmdestek@tubitak.gov.tr

POLICIES            CHRONOLOGY             CERTIFICATES            PROCUREMENT
sage-logo-01@4x

ALL NEWS            PRESS KIT            PDPL           CONTACT

blank

It is the affiliated institution of the TR Ministry of Industry and Technology.

Facebook linkedin YouTube Instagram
blank

It is an institution of the Scientific and Technological Research Council of Türkiye.

POLICIES      CHRONOLOGY       CERTIFICATES    PROCUREMENT

NEWS            PRESS KIT            PDPL           CONTACT

blank
Facebook linkedin YouTube Instagram
blank
blank

© 2024 TÜBİTAK BİLGEM | All Rights Reserved.

Menu

Main Menu

BİLGEM Main Page>>

Facebook linkedin YouTube Instagram

© 2024 TÜBİTAK BİLGEM | All Rights Reserved.

Artificial Intelligence Institute Documents and Presentations

sge

(SGE) Cyber Security Institute

The Cyber Security Institute, which was established to carry out studies to increase the national cyber security capacity, carries out research and development activities in the field of cyber security; carries out solutions-oriented projects for military institutions, public institutions and organizations and the private sector.

The main fields of activity of our institute, which has made a significant contribution to the creation of cyber security knowledge and tactical infrastructure in our country with many successful projects to date, are secure software development, penetration tests and vulnerability analysis.

Click for details..
blank
6-yze card logo

(IZE) Artificial Intelligence Institute

Artificial Intelligence Institute is the first institute established within the scope of TUBITAK centers and institutes, which cuts the sectors and research fields horizontally and focuses directly on the emerging technology field. For this reason, it constitutes an innovative model in terms of both the open innovation and co-development approach of the institute and its focus on emerging technology.

Artificial Intelligence Institute aims to develop core technologies in the field of artificial intelligence and bring these innovations from the forefront of science to the use of the industry as soon as possible. Focusing on the transformative potential of artificial intelligence, it will continue to play its part in pioneering efforts to create and sustain artificial intelligence-based innovation, growth and productivity in Turkey. Working with industry and public institutions in Turkey, together with other organizations within the artificial intelligence ecosystem, spreading the use of artificial intelligence and increasing the workforce specialized in this field are among its primary goals.

Click for details..
blank

Researcher

By joining TÜBİTAK BİLGEM as a Researcher, you can contribute to developments in the fields of information technology, information security, and advanced electronics. You'll have the opportunity to make your mark on innovations, closely follow advancements, enhance your skills, and shape your future by advancing in your career.

You can apply to our currently open positions through the TÜBİTAK Job Application System .

Application Conditions

Conditions for Job Application:

  • Foreign language proficiency: Attaining appropriate scores in the exam types specified in the announcement or studying in a program that is 100% in English for undergraduate education.
  • Fulfilling specific requirements stated in the announcement (such as undergraduate department, years of experience, expertise, etc.).
  • Satisfying the formula score:

For Candidates with Less than 3 Years of Experience:

Weighted Graduation Average + (10,000 / University Placement Exam Ranking) + Additional Score* >= 3.20

 

For Candidates with 3 Years and More of Experience:

Weighted Graduation Average + (10,000 / University Placement Exam Ranking) + 5*[1 / (1 + e^(5 - years of experience) ) ] + Additional Score* >= 3.20


*Candidates who have achieved rankings and awards in national and international competitions will receive an additional score of 0.3.

arastırmacı-img-1

Menu

Main Menu
Facebook linkedin YouTube Instagram

© 2024 TÜBİTAK BİLGEM | All Rights Reserved.

Menu

Corporate

Laboratories

UEKAE Products

Projects and Programs

Menu

Corporate

Laboratories

BTE Products

Projects and Programs

Menu

Corporate

ILTAREN Products

Menu

Corporate

SGE Products

Menu

Corporate

YTE Products

Projects and Programs

Menu

Corporate

Competence Centers

Datasets

Candidate Researcher

Students in the 3rd and 4th years of relevant engineering departments at universities can apply to our Part-Time Candidate Researcher positions through our Job Application System at kariyer.tubitak.gov.tr. By doing so, they can gain work experience at TÜBİTAK BİLGEM during their university years.

This program does not have an end date. Candidate Researcher personnel working part-time during their university period can seamlessly transition to full-time employment as Researcher personnel at TÜBİTAK BİLGEM without interrupting their career journey after graduating from the undergraduate program.

Application Conditions

Conditions for the Candidate Researcher Program:

  • Being a 3rd or 4th-year student in the relevant departments specified in the announcements at universities.
  • Foreign language proficiency: Achieving appropriate scores in the exam types specified in the announcement or studying in a program that is 100% in English for undergraduate education.
  • Satisfying the formula score:

Weighted Graduation Average + (10,000/University Placement Exam Ranking) + Additional Score* >= 3.20

*Candidates who have achieved rankings and awards in national and international competitions will receive an additional score of 0.3.

aday-arastırmacı-img-1

Menu

Main Menu

BİLGEM Main Page>>

Facebook linkedin YouTube Instagram

© 2024 TÜBİTAK BİLGEM | All Rights Reserved.

Menu

Main Menu

BİLGEM Main Page>>

Facebook linkedin YouTube Instagram

© 2024 TÜBİTAK BİLGEM | All Rights Reserved.

Menu

Main Menu

BİLGEM Main Page>>

Facebook linkedin YouTube Instagram

© 2024 TÜBİTAK BİLGEM | All Rights Reserved.

Menu

Main Menu

BİLGEM Main Page>>

Facebook linkedin YouTube Instagram

© 2024 TÜBİTAK BİLGEM | All Rights Reserved.

Menu

Main Menu

BİLGEM Main Page>>

Facebook linkedin YouTube Instagram

© 2024 TÜBİTAK BİLGEM | Her Hakkı Saklıdır.

Discover institutes laboratories technologies products projects of BİLGEM.

Corporate

Institutes

Laboratories

Our Competencies

BİLGEM shapes the science and technology of the future with the technologies it develops, the products it produces, the solutions it offers and the numerous national and international achievements it has accomplished.

Projects and Programs

Intern

TÜBİTAK BİLGEM builds its basic strategy for the future on qualified knowledge and qualified people focused on national targets in the research, technology development and innovation ecosystem.

Starting from the understanding that "the most important resource of a country is generally people, specifically scientists," TÜBİTAK encourages and supports our youth from an early age. In this context, providing young minds with early exposure to technology production is crucial for the success of our National Technology Move. Accordingly, TÜBİTAK BİLGEM offers internship opportunities to undergraduate students from universities every year.

You can follow internship announcements and submit your applications through the Career Gateway at https://kariyerkapisi.cbiko.gov.tr.

Application Conditions
  • Students enrolled in undergraduate (2nd year and above) and associate degree programs in departments offering education in universities and conducting insurance procedures through the higher education institution to which they are affiliated can benefit from the internship opportunity.
  • For undergraduate and associate degree students, a minimum Weighted Grade Point Average (GPA) of 2.50 out of 4 is required. The GPA of candidates with a 100-point system is converted to a 4-point system based on the "Conversion Table of Grades from the 4-Point System to the 100-Point System" published by the Higher Education Council.
  • There is no requirement for a foreign language certificate during the internship application process.
  • Students enrolled in departments such as Forensic Computing Engineering, Computer Sciences, Computer Science and Engineering, Computer Engineering, Computer and Informatics, Computer and Software Engineering, Information Systems Engineering, Electrical and Electronics Engineering, Control Engineering, Control and Computer Engineering, Control and Automation Engineering, Mechanical Engineering, Mechatronics Engineering, Telecommunication Engineering, or Software Engineering in universities can apply for internships.

Internship applications are accepted between December and January, and the internship period covers June, July, and August.

stajyer-img-1

Scholar

Scholar assignments are made for research and development activities for undergraduate, master's, doctoral students, and post-doctoral researchers. In our center, scholars are appointed for practical purposes in externally funded, TARAL, or European Union projects.

You can contact us via the email address bilgem.yetenekkazanimi@tubitak.gov.tr to apply to be a scholar.
Application Conditions

(1) The conditions for undergraduate scholars in externally funded projects conducted by the institution are specified below:

  •  Being a student continuing undergraduate education at higher education institutions established in Turkey (excluding foreign language preparatory students).
  • Having a weighted cumulative GPA for previous years, excluding preparatory years, based on the university's grading system, which satisfies the formula score and foreign language requirements in the recruitment criteria.
  • Completing at least the first semester of the first year of undergraduate education.
  • Having a GPA of "+3.00" and a University Placement Exam Ranking of "10,000 ≥" for undergraduate general average.
  • For foreign students placed in Turkish universities without taking the ÖSYM exam or for those who completed undergraduate education through exams such as Vertical Transfer Exam, the lowest university placement ranking of the department from the year the candidate started the undergraduate program is considered in the ranking formula.

(2) The conditions for master's degree scholars in externally funded projects conducted by the institution are specified below:

  • Being a student continuing master's degree education at higher education institutions established in Turkey (excluding special students and foreign language preparatory students).
  • Currently pursuing a master's degree in the project's field of responsibility.

(3) The conditions for doctoral students in externally funded projects conducted by the institution are specified below:

  • Being a student continuing doctoral education at higher education institutions established in Turkey (excluding special students and foreign language preparatory students).
  • Currently pursuing a doctorate in the project's field of responsibility or conducting a doctorate in areas determined within the framework of the YÖK-TÜBİTAK Doctoral Program Project Collaboration Protocol. (Students in medical specialization and artistic proficiency are accepted as doctoral students.)
bursiyer-img-1

MILSEC 4 - Secure IP Terminal

SAFE IP TERMINAL

While the MİLSEC-4 terminal offers an up-to-date solution for next-generation secure communication (voice, data and video) in IP networks, it provides an uninterrupted communication service by maintaining the compatibility of secure voice communication in PSTN networks with PSTN secure phones in use.
provides.

Configuration, surveillance and software update processes of MILSEC-4 terminals are carried out securely remotely using the Security Management Center (GYM). MİLSEC-4 terminal is capable of IP Network Key Loading (IPAAY) through secure communication with GYM without the need for an additional device.

MİLSEC-4 terminals are interoperable with MİLSEC-1A and MİLSEC-2 phones and offer the opportunity to replace MİLSEC-1A and MİLSEC-2 phones without interruption in the gradual transformation of PSTN networks to next generation IP networks.

FEATURES

  • End-to-end secure voice communication in PSTN networks
  • End-to-end secure voice, image and data transmission in IP networks
  • NATO SCIP compliance on IP networks
  • Compatibility with commercial SIP products
  • Interoperability with MILSEC1A and MILSEC2 secure phones
  • National and AES crypto algorithms
  • Remote software update
  • Easy operation with touch screen

It is subject to the sales license to be given by the Ministry of National Defense.

In order to serve you better, we place cookies on our site. To learn about our cookie policy click here.
We use cookies on our website to provide you with a better service. For information about our cookie policy please click here .